Security News

The Federal Bureau of Investigation shared indicators of compromise associated with the Iranian state-sponsored threat group behind last week's Proud Boys voter intimidation emails that targeted Democratic voters. The threatening spoofed emails used the "Vote for Trump or Else" subject and warned voters registered as Democrats that they must vote for President Trump and change their party to Republican unless they want the Proud Boys far-right group to come after them.

The two conferences targeted include the Munich Security Conference, slated for Feb. 19 to 21, 2021 and the Think 20 Summit in Saudi Arabia, taking place Oct. 31 to Nov. 1 2020. Microsoft linked the attack, which targeted more than 100 conference attendees, to Phosphorus, which it said is operating from Iran.

The FBI and the US government's Cybersecurity and Infrastructure Security Agency on Thursday issued a joint warning that a Kremlin hacking crew is probing or breaking into systems belonging to the US government and aviation industry. The joint advisory states that the team, known as Energetic Bear among other monikers, has been specifically going after US state, local, territorial, and tribal government networks, as well as aviation, since at least September 2020.

Federal officials claim that Iranian threat actors are behind two separate email campaigns that assailed Democratic voters this week with threats to "Vote for Trump or else." The campaigns claimed to be from violent extremist group Proud Boys. Two specific email campaigns - one on Tuesday Oct. 20 and one on Wednesday, Oct. 21 - threatened Democratic voters in Alaska, Arizona and Florida that attackers accessed "All of your information." They warned that there would be dire repercussions if voters didn't cast their ballot for President Trump in the upcoming election, according to a Wednesday Proofpoint report.

Menacing emails to Democratic voters, telling them to vote for Donald Trump in the upcoming US elections or else, were sent by Iran, US intelligence claimed on Wednesday night. At a press conference tonight, Uncle Sam's Director of National Intelligence John Ratcliffe said the messages were actually sent by Iranian agents, who had obtained US voter records, including contact details, seemingly to intimidate Americans.

Iran is responsible for emails sent to Democratic voters in multiple states aimed at intimidating the recipients into voting for President Donald Trump, U.S. officials said Wednesday night in calling out both Tehran and Russia for activities meant to interfere in the upcoming presidential election. The announcement at a rare, hastily called news conference just two weeks before the election underscored the concern within the U.S. government about efforts by foreign countries to spread false information meant to suppress voter turnout and undermine American confidence in the vote.

The US govt has stated that Iran is behind threatening emails sent to Democratic voters warning that they must vote for Trump or face consequences. Over the past two days, voters registered as Democrats in Florida and Alaska have received voter intimidation emails claiming to be from the far-right group known as the Proud Boys.

Iran-linked state-sponsored threat actor 'Silent Librarian' has launched another phishing campaign targeting universities around the world. Silent Librarian, Malwarebytes' security researchers reveal, has sent spear-phishing emails to both staff and students at the targeted universities, and the threat actor was observed setting up new infrastructure to counter efforts to take down its domains.

Iran's cybersecurity authority acknowledged cyberattacks on two governmental departments this week, state media reported Thursday. The cyberattacks occurred Tuesday and Wednesday and were under investigation, the state-owned IRAN daily newspaper said.

The United States this week announced that it seized a total of 92 domain names that an Iran-linked adversary was leveraging in a global disinformation campaign. The manner in which these domains were being used was in violation of sanctions the U.S. imposed on both the government of Iran and the IRGC. As of April 2019, the United States has designated the IRGC as a foreign terrorist organization.